Microsoft Internet Explorer Patch Q312461存在漏洞

漏洞信息详情

Microsoft Internet Explorer Patch Q312461存在漏洞

• CNNVD编号：CNNVD-200111-021
• 危害等级： 中危
  
  
• CVE编号：
  CVE-2001-0904
  
• 漏洞类型：
  
  
  设计错误
  
• 发布时间：
  
  2001-11-20
  
• 威胁类型：
  
  
  远程
  
• 更新时间：
  
  2005-10-20
  
• 厂        商：
  
  microsoft
• 漏洞来源：
  Discovered by SUZU…

带有Q312461 (MS01-055) patch的Internet Explorer 5.5和6版本修改指示patch已安装的 HTTP_USER_AGENT(UserAgent)信息。远程恶意web站点可以利用该漏洞更易识别并利用易受攻击客户端。

MS Internet Explorer Patch Q312461 is the source of this issue since it reveals whether or not it exists on a system via HTTP_USER_AGENT, however users should ensure that the patch is installed to prevent exploitation of the issues discussed in Microsoft Security Bulletin MS01-055.
Microsoft Internet Explorer 5.5 SP2

• Microsoft Q312461
  
  http://download.microsoft.com/download/ie55sp2/secpac22/5.5_SP2/WIN98M
  e/EN-US/q312461.exe

Microsoft Internet Explorer 6.0

• Microsoft Q312461
  
  http://download.microsoft.com/download/IE60/secpac22/6/W98NT42KMeXP/EN
  -US/q312461.exe

来源: BUGTRAQ
名称: 20011120 MSIE 5.5/6 Q312461 patch disclose patch information
链接:http://marc.theaimsgroup.com/?l=bugtraq&m=100619268115798&w=2

来源: BID
名称: 3556
链接:http://www.securityfocus.com/bid/3556

来源: XF
名称: ie-q312461-patch-existence(7581)
链接:http://www.iss.net/security_center/static/7581.php